Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-204

CWE-204

Observable Response Discrepancy

Parent: CWE-203 - Observable Discrepancy

The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

157 vulnerabilities with CWE-204

CVE-2025-34255 MEDIUM

D-Link Nuclias Connect <=1.3.1.4 - Info Disclosure

CVE-2025-34254 MEDIUM

D-Link Nuclias Connect <=1.3.1.4 - Info Disclosure

CVE-2025-61907 MEDIUM

Icinga 2.4-2.15.0 - Authenticated Information Disclosure via Filter Expression

CVE-2025-61789 MEDIUM

Icinga DB Web <1.1.4-1.2.3 - Info Disclosure

CVE-2025-42903 MEDIUM

SAP Financial Service Claims Management - Info Disclosure

CVE-2025-58586 MEDIUM

Sick Analytics Products - Username Enumeration via Different Error Messages

CVE-2025-56764 MEDIUM

Trivision NC-227WF <5.80 - Info Disclosure

CVE-2025-58442 MEDIUM

Saleor 3.21.0-3.21.15 - User Enumeration via accountRegister Response Discrepancy

CVE-2025-9824 MEDIUM

Mautic Core 4.4.0-4.4.16, 5.0.0-alpha-5.2.7, 6.0.0-alpha-6.0.4 - User Enumeration via Timing Discrepancy

CVE-2025-9109 LOW

Portabilis i-Diario <1.5.0 - Info Disclosure

CVE-2025-46390 HIGH

Emby/MediaBrowser 4.9.0.35 - Observable Response Discrepancy

CVE-2025-54834 MEDIUM

OPEXUS FOIAXpress PAL <11.1.0 - Info Disclosure

CVE-2025-52899 MEDIUM

Tuleap <16.9.99.1750843170, <16.8-4, <16.9-2 - Info Disclosure

CVE-2025-54129 MEDIUM

HAXiam < 11.0.5 - Authenticated User Enumeration via Response Discrepancy

CVE-2025-27451 MEDIUM

Endress meac300-fnade4 Firmware <= 0.16.0 - Username Enumeration via Different Error Messages

CVE-2025-3092 HIGH

Unprotected Endpoint - Info Disclosure

CVE-2025-5485 HIGH

Web Management Interface - Info Disclosure

CVE-2025-49187 MEDIUM

Sick Field Analytics - Username Enumeration via Different Error Messages

CVE-2025-0163 MEDIUM

IBM Security Verify Access Appliance & Docker <10.0.9 - Info Disclo...

CVE-2025-3939 MEDIUM

Tridium Niagara Framework and Enterprise Security < 4.14.2, < 4.15.1, < 4.10.11 - Observable Response Discrepancy

CVE-2025-48015 LOW

SEL-5056 Software-Defined Network Flow Controller < 2.16.0 - Username Enumeration via Login Response Discrepancy

CVE-2025-46736 MEDIUM

Umbraco <10.8.10, <13.8.1 - Info Disclosure

CVE-2025-24342 MEDIUM

Bosch Rexroth ctrlX OS 1.12.0-1.12.8, 1.20.0-1.20.6, 2.6.0-2.6.7 - Unauthenticated Username Enumeration

CVE-2025-30150 MEDIUM

Shopware < 6.5.8.18 and 6.6.0.0-6.6.10.3 - Account Enumeration via Password Recovery Endpoint

CVE-2025-30280 MEDIUM

Mendix Runtime <10.21.0, 10.12.16, 10.18.5, 10.6.22, 8.18.35, 9.24....

Previous Page 3 of 7 Next

Details

Vulnerabilities 157

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy